package com.gds.wiki.cloud.admin.server.security;

import com.gds.wiki.cloud.oauth2.common.model.SecurityUser;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;

import java.io.Serializable;
import java.util.Map;

@Configuration
public class CustomPermissionEvaluator implements PermissionEvaluator {
    //普通的targetDomainObject判断
    @Override
    public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
        String urls=(String)permission;
        String[] url=urls.split(",");
        SecurityUser securityUser= (SecurityUser) authentication.getPrincipal();
//        System.out.println(JSON.toJSONString(securityUser.getResourceList()));
        for(String u:url){
            for(Map a:securityUser.getResourceList()){
                if(a.get("url").equals(u)){
                    return true;
                }
            }
        }
        return false;
    }
    //用于ACL的访问控制
    @Override
    public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {
        return false;
    }
}
